There was a time when surfing was a harmless hobby. But today, it is an apt metaphor for the dangers lurking beneath your screen. The internet has evolved from when it was a luxury to now, when it is a necessity.

It is necessity not just for the common man, but for large corporations who do the bulk of their monetary transactions and other organisational activities on the internet. With the increasing dependence on the internet come the dangers associated with the ticking time-bomb.

According to Kaspersky's IT Risk Report, more attacks are being specifically targeted, which means hackers are identifying target companies and attacking them. Targeted attacks are more difficult to fend off since they are planned. Nine per cent of organisations questioned in the Kaspersky survey had suffered a targeted attack on their business in the last year—many losing vital intellectual property in the process.

In 2016, nearly half of all companies surveyed (49 per cent) suffered at least one cyber ransom incident—either a ransomware attack (39 per cent) or a ransom denial of service (RDoS) attack (17 per cent).

What makes the situation all the more dangerous is lack of preparedness of big corporates. Cisco 2017 Security Capabilities Benchmark study found less than half of large corporations were prepared for cyber attacks.

So corporations have to come up with strategies to safeguard their assets on the web, and the strategies have to be diverse, given the diverse range of options available to cyber criminals to cripple an organisation's activities on the internet.

Every year, hacking is becoming more sophisticated and as a result, harder for companies to monitor and control. Corporations and government agencies are targeted every single day by hackers from around the world. So, how can these be stopped?

The need for strict company policyCompanies need to have strategies put in place to safeguard their integrity on the internet, and the strategies start from simply educating employees and clients about the need for security on the web.

Cisco's mid-year cybersecurity report for 2017 states that business email compromise (BEC) has become a highly lucrative threat vector for attackers. According to the Internet Crime Complaint Center (IC3), $5.3 billion was stolen due to BEC fraud between October 2013 and December 2016. In comparison, ransomware exploits took in $1 billion in 2016.

All too often, the company's cybersecurity is compromised by the negligence of one employee on their rolls. That person may click on a spam e-mail thread or may use a poor password, which in effect, become the hackers' key to unlock the company's assets on the web.

Email malware hit businesses of all sizes in 2016. However, small- to medium-sized businesses (with 251 to 500 employees) were the most impacted

It is important for companies to ensure that their employees are educated about the perils of clicking on dangerous e-mails and the importance of having a password that cannot be easily compromised. Companies need to ensure their employees know what the latest scams are, what the latest cyber threats are, and how they can help in ensuring that these do not affect their own company.

All systems goThis one is uncomplicated. Ensure that all of your systems, networks and software are up to date. Updates to operating systems, browsers, firewalls and anti-virus software are very often ignored by even the biggest corporates, and it is this ignorance that the hackers play on to breach security systems.

The Cisco report states that Spyware plays on this ignorance from companies to attack their cyber systems.

However, spyware can steal user and company information, weaken the security posture of devices, and increase malware infections. Spyware infections are also rampant. Cisco threat researchers studied three select spyware families and found that they were present in 20 percent of the 300 companies in the sample.

Using cloud servicesCorporations can save both time and money by using cloud services for data storage. Cloud services are a cost-effective and secure alternative to purchasing and managing server farms. It can often be cost-prohibitive for smaller businesses to purchase, manage and maintain server farms.

Cloud service providers are responsible for the physical, legal, operational, and infrastructure security of the technology they sell. However, businesses are responsible for securing the use of underlying cloud services. According to Cisco, it is imperative that the same best practices used to ensure security in on-premises environments are used to prevent unauthorized access of cloud services.

Expert adviceThis, on face value, may sound an expensive option. But it is possibly the single biggest necessity for any organisation these days. Rather than having regular employees multi-tasking and securing the organisation's web presence, a full-fledged security expert is a necessity.

The security consultant is important because far too often, half-baked knowledge ensures that there are wrong steps taken to secure the organisation on the web. As such, adding firewalls and other security filters to an already insecure system does not do the company any good. Instead, there needs to be a revamp of the whole security system.

When an entire system has to be revamped, that is where the full-time cybersecurity expert comes into play. Any company needs someone who fully understands what the risks are, where they come from and how they can be averted.

The truth of the matter is that with every passing day, cyber attackers are arming themselves with new tricks. So it is up to individuals and organisations to secure themselves from a threat that shows no sign of going away anytime soon.

Sponsored Stories

Subscribe to our Newsletters

In an interview with ETCIO, Kedar Upadhye, Jt President & Global CFO, Cipla, throws light on some innovative IT projects that Cipla has implemented,as part of its digital transformation strategy, to fuel business growth.

Sudhanshu Pokhriyal, President of Textiles at Raymond, firmly believes that digital transformation is a top-down approach. Taking the lead on the initiative, he has devised an innovative digital strategy that enhances customer experience while helping retailers in their business.